I was handed an interesting PDF document. It doesn't contain malicious code, yet it generates network traffic. Let me explain how this is achieved. Creating a PDF that makes a HTTP(S) connection to a website is easy. There's no need to use an exploit, not even JavaScript. You just have to use a URI object: … Continue reading PDF URIs